Application No. 10/693,097 
Amendments to the Claims: 

This listing of claims will replace all prior versions and listings of claims in the application. 
Listing of Claims: 

1-2. Cancelled 

3. (Amended) A [[The]] method of claim 1 in a computer system for identifying a principal
associated with a first object comprising:

maintaining in the first object identity information identifying the principal; 
invoking a method in an application programming interface (API) with the identity 
information as an argument, wherein the identity information is an identity reference identifying 
an identity claim of the principal and invoking comprises: 

invoking a findbyidentity method in a principal API exposed by [[the]] a principal 
data store with [[the]] an ItemContext as a first argument, and the identity reference as a 
second argument; and 

under control of the findbyidentity method, searching [[a]] the principal 
data store identified by the ItemContext argument for [[a]] the principal having 
the identity claim; 

instantiating a principal object for the principal having the identity claim; 
returning a pointer to the principal object; [[or]] and,
if more than one principal is found in the principal data store, returning an error. 

4. (Amended) A [[The]] method of claim 1 in a computer system for identifying a principal
associated with a first object comprising:

maintaining in the first object identity information identifying the principal; 
invoking a method in an API with the identity information as an argument, wherein the
identity information is an identity reference identifying an identity claim of the principal, the 
identity reference having an identity claim value and scheme, and invoking comprises: 

invoking a findbyidentity method with the identity claim value and scheme as 
arguments; [[and]] 

under control of the findbyidentity method, searching a principal data 
store for [[a]] the principal having the identity claim value and scheme; 

instantiating a principal object for the principal having the identity claim 
value and scheme; 

returning a pointer to the principal object; [[or]] and, 
if more than one principal is found in the principal data store having the 
identity claim value and scheme, returning an error.

5. (Amended) A [[The]] method of claim 1 in a computer system for identifying a principal
associated with a first object comprising: 

maintaining in the first object identity information identifying the principal; 
invoking a method in an application programming interface (API) with the identity 
information as an argument, wherein the identity information is an identity reference identifying 
an identity claim of the principal, the identity reference having an identity claim value and 
scheme, and invoking comprises: 

invoking a findbyidentity method with the identity claim value as an argument; 

and 

under control of the findbyidentity method, searching a principal data 
store for [[a]] the principal having the identity claim value with any scheme; 

instantiating a principal object for the principal having the identity claim
value and scheme; 

returning a pointer to the principal object; [[or]] and,
if more than one principal is found in the data store having the identity
claim value and scheme, returning an error.

6. (Amended) A [[The]] method of claim 1 in a computer system for identifying a principal
associated with a first object comprising: 

maintaining in the first object identity information identifying the principal; 
invoking a method in an application programming interface (API) with the identity 
information as an argument, wherein the identity information is an identity reference identifying 
an identity claim of the principal, the identity reference having an identity claim value and 
scheme, and invoking comprises: 

invoking a findbyidentity method with the identity claim value and scheme and a 
principal type as arguments, the findbyidentity method in an application programming 
interface of the first object; [[and]] 

under control of the findbyidentity method, searching a principal data 
store for a principal of the principal type that also has the identity claim value and 
scheme; 

instantiating a principal object of the principal type, the principal object 

having the identity claim value and scheme; [[and]] 

returning a pointer to the principal object; [[or]] and,

if more than one principal is found in the data store having the identity 

claim value and scheme, returning an error. 

7. (Amended) A [[The]] method of claim 1 in a computer system for identifying a principal
associated with a first object comprising: 

maintaining in the first object identity information identifying the principal; 
invoking a method in an application programming interface (API) with the identity 
information as an argument, wherein the first object is an identity reference object having an 
identity reference and invoking comprises: 

invoking a findbyidentity method with the identity reference, the findbyidentity 
method in an application programming interface of the first object; and 

under control of the findbyidentity method, searching a principal data 
store for [[a]] the principal identified by the identity reference; 

instantiating a principal object for the principal identified by the identity 
reference; [[and]] 

returning a pointer to the principal object; [[or]] and, 
if more than one principal is found in the data store having the identity 
claim value and scheme, returning an error. 

8. (Amended) The method of claim [[1]] 3 further comprising: 

storing in the principal data store, principal data including at least one identity claim for 
every principal known to the computer system. 

9. (Amended) The method of claim [[1]] 3, wherein the principal object includes at least 
one identity claim object, and the principal object and identity claim object expose application 
programming interfaces that have the findbyidentity method. 

10-15. Cancelled 

16. (Amended) A [[The]] computer program product of claim 14 readable by a computing
system and encoding a computer program of instructions for executing a computer process for 
identifying a principal said computer process comprising: 

maintaining in a first object identity information identifying the principal; 

invoking a method in an application programming interface (API) with the identity 
information as an argument, 

under control of the method, wherein the identity information is an identity reference 
identifying an identity claim of the principal and invoking comprises: 

invoking a findbyidentity method in a principal API exposed by [[the]] a principal
data store with the identity reference as a first argument, and an ItemContext as a second
argument; [[and]]

under control of the findbyidentity method, searching [[a]] the principal
data store identified by the ItemContext argument for [[a]] the principal having
the identity claim;

instantiating a principal object for the principal having the identity claim; 

returning a pointer to the principal object; [[or]] and,

if more than one principal is found in the data store, returning an error. 

17. (Amended) A [[The]] computer program product of claim 14 readable by a computing
system and encoding a computer program of instructions for executing a computer process for 
identifying a principal said computer process comprising: 

maintaining in a first object identity information identifying the principal; 
invoking a method in an application programming interface (API) with the identity 
information as an argument, wherein the identity information is an identity reference identifying 




an identity claim of the principal, the identity reference having an identity claim value and 
scheme, and invoking comprises: 

invoking a findbyidentity method with the identity claim value and scheme as
arguments; [[and]]

under control of the findbyidentity method, searching a principal data
store for [[a]] the principal having the identity claim value and scheme; 

instantiating a principal object for the principal having the identity claim 
value and scheme; 

returning a pointer to the principal object; [[or]] and,
if more than one principal is found in the data store having the identity 
claim value and scheme, returning an error. 

18. (Amended) The computer program product of claim 16[[ 14]] further comprising: 
storing in the principal data store, principal data including at least one identity claim for 

every principal known to the computer system. 

19. (Amended) The computer program product of claim 16[[ 17]], further
comprising: 

independently selecting a property from the principal data to be an identity claim, the 
property uniquely identifying the principal and distinguishing it from all other principals known 
to the computer system. 

20-35. Cancelled 

36. (New) The method of claim 4 further comprising: 

storing in the principal data store, principal data including at least one identity claim for 
every principal known to the computer system. 

37. (New) The method of claim 4, wherein the principal object includes at least one
identity claim object, and the principal object and identity claim object expose application
programming interfaces that have the findbyidentity method.

38. (New) The method of claim 5 further comprising: 

storing in the principal data store, principal data including at least one identity claim for 
every principal known to the computer system. 

39. (New) The method of claim 5, wherein the principal object includes at least one 
identity claim object, and the principal object and identity claim object expose application 
programming interfaces that have the findbyidentity method.

38. (New) The method of claim 6 further comprising: 

storing in the principal data store, principal data including at least one identity claim for 
every principal known to the computer system. 

39. (New) The method of claim 6, wherein the principal object includes at least one 
identity claim object, and the principal object and identity claim object expose application 
programming interfaces that have the findbyidentity method.

40. (New) The method of claim 7 further comprising: 

storing in the principal data store, principal data including at least one identity claim for 
every principal known to the computer system. 

41. (New) The method of claim 7, wherein the principal object includes at least one
identity claim object, and the principal object and identity claim object expose application
programming interfaces that have the findbyidentity method.

42. (New) The computer program product of claim 17 further comprising: 
storing in the principal data store, principal data including at least one identity claim for

every principal known to the computer system. 

43. (New) The computer program product of claim 17, further comprising: 
independently selecting a property from the principal data to be an identity claim, the 

property uniquely identifying the principal and distinguishing it from all other principals known 

to the computer system. 